Nginx负载均衡健康检查

前言

在Nginx官方模块提供的模块中，没有对负载均衡后端节点的健康检查模块 但可以使用第三方模块 nginx_upstream_check_module 来检测后端服务器的健康状态。我安装Nginx的方式，是通过 yum 安装的，通过 yum 安装的没有 nginx_upstream_check_module 这个模块，所以我们需要先给 Nginx 把这个模块安装好。

如果你已经yum安装过Nginx，那么建议最好是先 yum remove nginx 卸载一下，暂时没有找到找能不卸载然后给Nginx配置这个模块的办法。

安装配置

• 安装依赖包

yum -y install gcc glibc gcc-c++ openssl-devel pcre-devel patch

• 下载nginx源码包和nginx_upstream_check模块第三方模块

Nginx官方地址

cd /usr/local
wget https://nginx.org/download/nginx-1.21.4.tar.gz
wget https://github.com/yaoweibin/nginx_upstream_check_module/archive/refs/heads/master.zip

该第三方模块在 github 上的地址为：可以去查看，也给出了配置的示例，很详细。地址

• 解压Nginx源码包和第三方模块

tar -zxvf nginx-1.21.4.tar.gz
unzip nginx_upstream_check_module-master.zip

• 添加Nginx模块

cd nginx-1.21.4/
patch -p1 < ../nginx_upstream_check_module-master/check_1.20.1+.patch 

p1代表在Nginx目录，p0是不在Nginx目录

• 编译Nginx，需要添加upstream_check第三方模块

通过 nginx -V 查看

将以上内容复制下来

重新编译的时候加上 --add-module=/usr/local/nginx_patch/nginx_upstream_check_module-master。 模块地址就是你下载 nginx_upstream_check_module 到本地的地址。(但是有时候nginx -v会失败，但是不会又太大影响，直接复制下面的命令也是可以的)

./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --add-module=/usr/local/nginx_patch/nginx_upstream_check_module-master --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'

• 编译安装

make && make install

• 启动NGINX（防止因为报错为启动成功）

suho /usr/sbin/nginx

此时可能会报错没有发现某个文件夹，但是不影响，你去对应的目录创建一个即可
nginx -t 检查nginx配置是否正确
nginx -s reload 重新加载配置文件

• 博主的nginx.conf配置(其实建议最好的每个站点的配置文件独立开,但是我偷懒了并没有)

注意，这配置文件通用性比较高，但是也是需要依赖自己的需求修改部分配置，博主是在两台服务器之间进行搭建的两台NGINX，双方进行心跳检测，ip为内网和弹性两个，10.75.25.207对应的内网是10.75.28.14

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    map $time_iso8601 $logdate {
    '~^(?<ymd>\d{4}-\d{2}-\d{2})' $ymd;
    default    'date-not-found';
    }
   
send_timeout 30;

    client_body_buffer_size 40m;

    proxy_buffer_size 128k; 
    proxy_buffers 4 128k; 
    proxy_busy_buffers_size 128k;
    
    # access_log /var/log/nginx/access.log main;
    access_log  /var/log/nginx/access-$logdate.log main;
    server_tokens off;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /usr/local/nginx/conf/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.


    server {
        listen       80;
        #listen 443 ssl http2;
        server_name  10.75.28.14 10.75.25.207;
        index  index.html;
        root /data/wwwroot/paizhu/dist/;

        gzip on; 
        gzip_buffers 32 4K; 
        gzip_comp_level 6; 
        gzip_min_length 200;
        # access_log /var/log/nginx/host.access_.log main; 
        gzip_types application/javascript text/css text/xml; 
        gzip_disable "MSIE [1-6]\."; 
        #配置禁用gzip条件，支持正则。此处表示ie6及以下不启用gzip（因为ie低版本不支持）
        gzip_vary on;

        #SSL-END

        location /status {
            check_status;
            access_log   off;
        }

        location /file {
            alias /data/wwwroot/upload;
            try_files $uri @mongrel;
        }
        
        location @mongrel {
            if ($http_lan_check = "1") {
                return 404;
            }
            proxy_pass http://10.75.28.37:80;
            proxy_set_header lan-check "1";
        }

        location /oss {
            rewrite ^/oss(.*)$ /$1 break;
            proxy_pass http://szpzjdgzglxt.oss111b-cn-sx-zjsxzwy01-d01-a.inner.zjsxzwy.cn/;
            #proxy_set_header Host $host; OSS的反向代理，需要去掉来源地址，政务云是这样
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header Upgrade $http_upgrade;
            proxy_http_version 1.1;
            add_header X-Cache $upstream_cache_status;
        }


        location /manage {
            proxy_pass http://manage;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header Upgrade $http_upgrade;
            #proxy_set_header Connection $connection_upgrade;
            proxy_http_version 1.1;
            # proxy_hide_header Upgrade;

            add_header X-Cache $upstream_cache_status;
            #Set Nginx Cache

            set $static_fileyb8cQBoU 0;
            if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
            {
                set $static_fileyb8cQBoU 1;
                expires 1m;
            }
            if ( $static_fileyb8cQBoU = 0 )
            {
                add_header Cache-Control no-cache;
            }
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    upstream manage {
        least_conn;
        server 10.75.28.14:500 weight=1 max_fails=2 fail_timeout=10s; # 服务实例1
        server 10.75.28.14:501 weight=1 max_fails=2 fail_timeout=10s; # 服务实例2
        server 10.75.28.37:500 weight=1 max_fails=2 fail_timeout=10s; # 服务实例3
        server 10.75.28.37:501 weight=1 max_fails=2 fail_timeout=10s; # 服务实例4

        check interval=3000 rise=2 fall=5 timeout=1000 type=http;
        check_http_send "GET /manage/heartbeat HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
    }
}

效果图

• 正常状态

• 掉线状态

博主个人开源博客地址：www.chengke.net，质量拉满，涵盖高质量开源项目，欢迎来访。